There’s a labor shortage in Cybersecurity. A crisis, actually. One that’s expected to continue through 2021 with 1 million jobs currently unfilled. A number that’s expected to reach 6 million globally by 2019.
The Cybersecurity Business Report (CBR) quotes cyber luminary John McAfee, founder of Future Tense Central and CEO at MGT Capital Investments (NYSE MKT: MGT) as saying, “The field of cybersecurity is the least populated of any field of technology. There are two job openings for every qualified candidate.”
Good news for job seekers, right?
Maybe or maybe not. The pipeline of security talent isn’t where it needs to be to help curb the cybercrime epidemic. Only through quality education and training, can cyber experts outpace the Black Hats. Another issue is that organizations are hiring for one position that would typically take three people to do. The job specs list a huge list of disparate skill sets that most security professionals don’t have.
Who’s a good cybersecurity job candidate?
According to an interview the CBR conducted with Frank Zinghini, founder and CEO at Applied Visions, Inc., a software developer providing cybersecurity solutions to government and commercial enterprises globally, “The kind of person who is comfortable sitting in a Security Operations Center monitoring sensors and looking for attacks in real time is different from a forensic analyst who enjoys poring through log files in search of signs of an adversarial presence in the network.”
Similarly, Frank says “those who enjoy attacking web apps to help the developers see if they left anything unsecured are not likely to be interested in (or capable of) analyzing the source code itself for patterns of weakness.”
“These and many other disciplines are all within the realm of cybersecurity; anyone interested in a career in this area should understand the differences and choose a path that suits them.”
Why investing in training in critical
Cybersecurity Executive Recruiter Veronica Mollica, a vice president of business development at CyberSN, says, “Non-existent unemployment may be good for candidates, but not for employers. While zero-percent unemployment rates sounds optimal, it creates a lot of challenges for organizations including retention issues, salary inflation, and sub-par candidates getting jobs they’re not qualified for. Companies are going to have to invest heavily in training young cybersecurity professionals who have a combination of technical, business, and soft skills as the talent gap widens.”
The job outlook
While many grads with cyber degrees can’t get jobs due to lack of experience, the conventional wisdom is they should take entry-level positions and mature as security professionals. Taking a junior position can pay off big in the long run.
Case in point: U.S. News and World Report ranked a career in information security analysis eighth on its list of the 100 best jobs last year. These entry-level positions offer a median annual salary of approximately $90,000, and pay more than six-figures in New York, California, and Virginia, according to the U.S. Bureau of Labor Statistics (BLS). Not exactly chump change. The BLS also states employment of information security analysts is projected to grow 18 percent from 2014 to 2024.
A good place to recruit talented senior-level candidates with several years of deep domain cyber experience are conferences like the annual DEF CON Conference, which attracts upwards of 50,000 specialists each year, as well as the RSA Conference and Black Hat.
While hiring practices, candidate expectations, and recruiting strategies all play into the cybersecurity unemployment rate, the biggest contributor is cybercrime. CSOonline.com, published by IDG Enterprise, which is an IDG (International Data Group) company, predicts that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion last year.
Another CSO blog shares a forecast that the world will spend more than $1 trillion cumulatively over the next five years—from 2017 to 2021—on cybersecurity products and services to combat cybercrime. These figures will almost certainly lead to more unfilled jobs, and more pressure on employers to fill them.
For information on cybersecurity courses and certifications, visit knowledgenet.com and speak to a friendly Success Advisor about training options.